How to switch between HTTP and HTTPS in ASP.NET MVC2

ASP.NET MVC2 has the new RequireHttpsAttribute that you can use to decorate any action to force any non-secure request to come through HTTPS (SSL). It can be used as simply as this:

[RequireHttps] public ActionResult LogOn() { ..... }

Now any request to the LogOn action that is not over HTTPS will automatically be redirected back to itself over HTTPS. This is very useful and easy to implement.

Unfortunately though, once the scheme is changed to HTTPS, all following requests will also be under HTTPS, which is not necessarily what you want. In most cases you do not need all requests to your site to be secure but only certain ones such as the logon page or pages that accept credit card information.

To handle this you can override the Controller.OnAuthorization method. From within this method, you can check to see if the RequireHttps attribute is set on the Controller Action by searching the Attributes collection of the ActionDescriptor object. If the RequireHttpsAttribute is not set AND the request is under SSL, then return a redirect result to the HTTP (no

I built my c# web service. Tested it. I built my android app. Tested it. All is well. I tried to get these things to talk to each other...FAIL. I found these lines in my wsdl.
<wsdl:service name="Service1">
- <wsdl:port name="Service1Soap" binding="tns:Service1Soap">
<soap:address location="https://192.168.1.100/myws/service1.asmx" />
</wsdl:port>
- <wsdl:port name="Service1Soap12" binding="tns:Service1Soap12">
<soap12:address location="https://192.168.1.100/myws/service1.asmx" />
</wsdl:port>
</wsdl:service>
What decided that the path should be https? I never told it that. It is overriding IIS which says everything should be http. Someone please help me before I go ballistic. Oh and for others developing on android 2.2, it won't take unsigned
certs, so you either have to configure a local certificate authority or go http.

I installed SharePoint 2010, created a site (complete with a document library), and assigned user permissions. Additionally, I set up certificate authentication for all users. Two problems occur:
1. As the system administrator, when I access the https site, I no longer have permissions to add/edit users
2. When user's, who have permissions to edit/add a document/folder click on "Add document" or the folder icon to add a new folder, they get an error.
Any help is much appreciated.

Currently I am having an issue with getting my WCF ajax calls to work with HTTPS. I get a javascript error telling me the service cannot be found.
We need to be able to be able to access the site through http and https. We have some of our consultants who cannnot access the site via their client site without using https. We need both http and https to work.
Here is my web.config as is now...
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="Time.AjaxServiceAspNetAjaxBehavior">
<enableWebScript />
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<webHttpBinding>
<binding name="webHttpBindingAuthenticated" sendTimeout="00:04:00">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Ntlm" />
</security>
</binding>
</webHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" >
<baseAddressPrefixFilters>
<add prefix="http://www.ourdomain.com"/>
</baseAddressPrefixFilters>
</serviceHostingEnvironment>
<services>
<service name="Time.AjaxService">
<endpoint address="" behaviorConfiguratio

I have an asp.net website hosted in a shared hosting environment. I also registered my site to have Yahoo and Google App IDs so that I can user their Social APIs to import my user's contacts (via OAuth). So everything was running fine until I've installed a SSL certificate. My site uses forms authentication which redirects each request to http://mysite.com/account/login.aspx now I wanted this page to be delivered via HTTPS so I wrote the following code in the Page_Init event of the login.aspx page:

Protected Sub Page_Init(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Init
If Not Request.IsSecureConnection Then
Dim RetUrl As String = Request.Url.ToString.Replace("http", "https")
Response.Redirect(RetUrl)
End If
End Sub

so it did the right thing for me. When user is authenticated using Forms Authentication it redirects the user to the UserHome.aspx page but with the HTTPS

URL is: https://mysite.com/userhome.aspx

so now each and every request is served using HTTPS and this is not a big problem but the Y

I would like to know if the activation of SSL (Secure Socket Layer) allow the use of both HTTP and HTTPS to access the report server

I have been asked by a web developer in my company to check if in SQL Server 2005 reporting services the activation SSL makes it possible to access the Report Server with both HTTP and HTTPS.
For example:
1. Without SSL activation you can use http://ServerName/ReportServer to access your report server
2. Once SSL is activated, we are wondering if it will be possible to access the Report Server with the following two links:
a. https//ServerName:443/ReportServer

We have a strange issue with our sharepoint server in that when accessing the sharepoint site through http reports work, when accessing through https, reports dont work. I am not a sharepoint expert by any means but have been tasked with fixing the
problem. here is what I have observed:

Scenario 1

When accessing sharepoint via http://FQDN_of_Site I am taken to the login page to login. Once authenticated, the client portal (non-secure, http) is displayed and I have the option to run several reports. Clicking the report link displays
the report as expected.

Scenario 2

When accessing sharepoint via https://FQDN_of_Site I an taken to the login page to login. Once authenticated, the client portal (secure, https) is dispalyed and I have the option to run several reports. Clicking the report link
results in the following error:

I am planning my web url secured by changing it HTTPS. For this i went to IIS and created a CCR and i went to one of the site and i pasted this to generate a free certificate. But it is showing domain already existing. Please suggest complete details of how to create a certificate and to change the link from HTTP to HTTPS.

I have MOSS 2007 and it is published through an ISA 2006 Server. My SSL recently expired, so I purchased a new SSL and installed it on my MOSS server on the SharePoint - 80 server. I then exported it and installed it on my ISA Server using these instructions
(http://www.isaserver.org/articles/exportsslcert.html).

Everything works fine if users log in through the ISA Server (these users are external to our Network).

However, internal users navigating directly to SharePoint could no long reach http:// links. When I remove the SSL, http:// links work, but https:// links do not.

I don't believe I changed anything except installing the new SSL. How can I get both http and https traffic working again with the SSL installed on the SharePoint box?

Just wanted to know your thoughts on this : is it secure to POST from an HTTP page to and HTTPS page? Basically, my login box will be on an unsecured page and when the user logs in, he is sent to an HTTPS page where the FormsAuthenticationTicket is set and the user re-redirected to his original page.

I had enabled claims Authentication and configured Forms Based Authentication (FBA) with membership provider in SharePoint 2010.
The logged-on user is kicked out when the page is redirected from https to http.
FedAuth cookie is not valid after redirecting from https to http.
Does anyone have any suggestions?

I have created a custom SharePoint 2010 WCF service that is deployed to 14\ISAPI\MYService folder. The issue i
am facing is that this service should be accessible from all Web applications, that can be HTTPS (i.e. SSL) enabled or normal HTTP. If i am making in web.config file for web application that has HTTPS enabled, then it fails for Web applications
having normal HTTP configuration. My requirement is that when this WCF service is deployed it should accessible from all web applications that can be HTTPS or HTTP both. I went through number of blogs and tried whatever option they had suggested but none
of them worked for me :(. Here are some of the blog that i tried:-

The crawler on the top right corner of the page in the header area is not working. Search box drop down has "This site: Intranet" and type-in search box to the right of it. It returns 0 results for any search. In admin consoles application
setting search area the url was changed and the site was recrawled, no change.

Now on the welcome page there is a advanced search web part which works correctly. In site actions I set the search scope for the site.

How can I get "This site: intranet" search to crawl the site correctly? Is there something else that needs to be changed since the site went from http to https?